Subscription to the full report on a daily basis can be obtained:
Send an eMail to dhsdailyadmin@mail.dhs.osis.gov with the subject "DHS Daily Open Source Infrastructure Report" and the following line in the body...subscribe.
To obtain a complete copy of the current report proceed to the DHS link below.
To obtain reports more than 10 business days old, send an eMail to DHS_Reports@e-computer-security.com. Be specific as to the reports you wish to receive.

• Ford Motor Company issued a recall December 5 for 602,739 of its
model years 2013 –2017 Ford Fusion vehicles and 2013 –2015 Lincoln MKZ vehicles
sold in the U.S. – TheCarConnection.com

6. December 5,
TheCarConnection.com – (International) Ford recalls 2013-17 Ford Fusion,
2013-15 Lincoln MKZ for seatbelt, seat back problems. Ford Motor Company
issued a recall December 5 for 602,739 of its model years 2013 –2017 Ford
Fusion vehicles and model years 2013 –2015 Lincoln MKZ vehicles sold in the
U.S. due to an issue with the seatbelt anchor pretensioners where heat
generated during deployment can cause the pretensioner cables to separate,
thereby causing the seatbelt to improperly restrain the occupant and increasing
the risk of injury. The recall also affects 35,614 vehicles in Canada, 8,665 in
Mexico, and 653 elsewhere. Source: http://www.thecarconnection.com/news/1107607_ford-recalls-2013-17-ford-fusion-2013-15-lincoln-mkz-for-seatbelt-seat-back-problems

• A Germantown, Maryland resident pleaded guilty December 1 to
embezzling at least $1.02 million from her employer, a Chevy Chase-based
financial institution, between December 2007 and June 2014. – Bethesda
Magazine See item 7 below in the Financial Services Sector

• A Houston couple pleaded guilty December 2 to stealing the
identities of 50,000 victims and using the identities to apply for and obtain
230 debit cards and earn $250,000 in fraudulent Federal tax returns. – Houston
Chronicle See item 8 below in the Financial Services Sector

24. December 2, U.S.
Department of Justice – (Delaware; Virginia) CEO of Virginia health care
technology company pleads guilty to $30 million shareholder fraud and $7.5
million employment tax fraud. The founder and chief executive officer of
Virginia-based VitalSpring Technologies, Inc. pleaded guilty December 2 to a
$30 million investment fraud scheme where the former executive provided
materially fraudulent and misleading information to 160 VitalSpring
shareholders to induce investments in the company. The founder concealed that
VitalSpring failed to account for and pay over $7.5 million in employment taxes
to the U.S. Internal Revenue Service, and falsely claimed that the sale of the
company was imminent, which would have resulted in substantial profits for the
shareholders, among other misrepresentations. Source: https://www.justice.gov/opa/pr/ceo-virginia-health-care-technology-company-pleads-guilty-30-million-shareholder-fraud-and-75

Financial Services Sector

7. December 2, Bethesda
Magazine – (Maryland) Woman pleads guilty to defrauding Chevy Chase
financial company of more than $1 million. A Germantown, Maryland resident
pleaded guilty December 1 to embezzling at least $1.02 million from her
employer, a Chevy Chase-based financial institution, between December 2007 and
June 2014. The charges allege that the defendant sent banks fictitious invoices
where she forged the signature of another employee of her financial firm, and
deposited over 60 checks issued by various banks including U.S. Bank, Bank of
America, and JPMorgan Chase & Co. into her personal financial accounts. Source: http://www.bethesdamagazine.com/Bethesda-Beat/Web-2016/Woman-Pleads-Guilty-To-Defrauding-Chevy-Chase-Financial-Company-of-More-than-1-Million/

8. December 2, Houston
Chronicle – (International) Couple pleads guilty to stealing 50K
identities in tax fraud scam. A Houston couple pleaded guilty December 2 to
stealing the identities of 50,000 victims and using the identities to apply for
and obtain 230 debit cards from January 2014 – May 2015. The duo used the
stolen identities to earn $250,000 in fraudulent Federal tax returns, while
attempting to obtain a total of $1.9 million in tax refunds. Source: http://www.chron.com/news/houston-texas/article/Houston-couple-pleads-guilty-10688348.php

Information Technology Sector

31. December 2,
SecurityWeek – (International) Eight vulnerabilities found in Moxa NPort
devices. The Industrial Control Systems Cyber Emergency Response Team
(ICS-CERT) reported that Moxa’s NPort serial device servers are plagued by
eight vulnerabilities after security researchers discovered three critical
flaws that can be exploited to retrieve an administrator password without
authentication, update the device’s firmware without authentication, and use
brute force to bypass authentication, as well as high security flaws that can
be exploited to cause a denial-of-service (DoS) condition and remotely execute
arbitrary code, among other flaws. Moxa released firmware updates for most of
the affected servers and advised its customers to install the updates.

For another story, see item 23
below from the Healthcare and
Public Health Sector

23. December 5, Softpedia
– (International) Hackers can compromise smart defibrillators and kill
the host, researchers warn. A team of security researchers discovered that
a malicious actor can compromise and intercept the wireless communication
system between Implantable Medical Devices (IMDs) and their monitors to launch
reverse engineering and distributed denial-of-service (DDoS) attacks to
compromise the devices’ security systems and take control of the devices’
functions. Researchers stated that a standby mode after the communication
between the monitors and implanted devices ends is the most effective way to
avoid the hack.

Links

About Me

U.S. Army Retired Chief Warrant Officer with more than 40 years in information technology and 35 years in information security. Became a Certified Information Systems Security Professional in 1995 and have taught computer security in Asia, Canada and the United States. Wrote a computer security column for 5 years in the 1980s titled "for the Sake Of Security", penname R. E. (Bob) Johnston, which was published in Computer Decisions.
Motto: "When entrusted to process, you are obligated to safeguard"